package com.bbs.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.struts2.ServletActionContext;

import com.bbs.comm.SessionContext;
import com.bbs.comm.SysConstant;
import com.bbs.dao.SectionDao;
import com.bbs.dao.impl.SectionDaoImpl;
import com.bbs.model.User;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;

public class SectionPrivilegeInterceptor implements Interceptor {
	private static final long serialVersionUID = 1L;

	@Override
	public void init() {

	}

	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		User user = null;
		HttpServletRequest request = ServletActionContext.getRequest();
		HttpSession session = request.getSession();
		SessionContext sc = ((SessionContext) session
				.getAttribute(SysConstant.SESSION_CONTEXT));
		if (null != sc) {// 在项目重新启动的时候可能为空，只要登录就再一次为SessionContext赋值
			user = sc.getUser();
			if(user.getUser_role_id()==SysConstant.SA){
				
			}
			String sectionId=request.getParameter("section.section_id");
			if(sectionId!=null){
				SectionDao sd=new SectionDaoImpl();
				if(sd.isModerator(user.getUser_role_id(),sectionId)){
					return invocation.invoke();
				}
			}
		}
		return "permissionDenied";
	}

	
	
	@Override
	public void destroy() {

	}
}
